This report, based on Cyber Wardens research conducted in January 2024, reveals alarmingly common everyday habits exposing small businesses to cyber attacks. With almost 80% of owners observing risky practices within their teams, a proactive approach to cyber hygiene is crucial.
- Poor password management: Nearly 20% keep passwords written down, and almost 25% share them with colleagues.
- Vulnerable endpoints: Over 27% put computers in sleep mode instead of shutting down, delaying crucial software updates.
- Unwise communication: One in ten out-of-office messages disclose personal details, potentially aiding phishing attempts.
- Employee awareness varies: Millennials, larger teams, and women owners were more likely to identify bad habits.
- Implement Cyber Warden training to empower employees to spot and report risky behavior.
- Promote good habits like strong passwords, shutdowns for updates, and secure out-of-office messages.
- Utilize multi-factor authentication and password managers for enhanced security.
- Regularly back up data to facilitate swift recovery from attacks.
Small businesses can minimize cyber risks by:
- Prioritizing cyber hygiene awareness among all team members.
- Adopting secure password practices and leveraging password managers.
- Implementing out-of-office message guidelines to avoid vulnerability.
- Investing in multi-factor authentication and data backup solutions.
By addressing these key areas, small businesses can significantly reduce their cyber risk and ensure a more secure operating environment.
5 Good Habits to Keep Your Small Business Safe from Cyber Attacks
|Risks of not doing it
|Benefits of doing it
|Shut down computers
|Instead of sleep mode, shut down computers daily.
|Outdated software vulnerabilities become accessible to hackers.
|Automatic software updates install, enhancing protection.
|Use strong passphrases
|Create unique, long, and original passphrases for every account.
|Password reuse and short passwords lead to compromised accounts.
|Prevents access to multiple accounts if one is cracked.
|Report suspicious emails
|Share potentially dangerous emails with IT or management instead of deleting them.
|Missed scams leave others vulnerable and prevent investigation.
|Enables blocking senders, warning staff, and reporting scams.
|Provide unique logins
|Assign individual logins to each team member.
|Shared passwords expose multiple accounts if one is compromised.
|Enhances protection from insider threats and compromises.
|Install updates promptly
|Don’t delay, prioritize and install software updates as soon as possible.
|Security vulnerabilities remain exploitable if updates are ignored.
|Delivers bug fixes and security patches for fast protection.